It is possible to write as a user arbitrary text into the logs. Messages can be faked which could alert persons/surveillance systems.
https://turbochaos.blogspot.com/2014/08/journalctl-terminal-escape-injection.html?view=classic
It is possible to write as a user arbitrary text into the logs. Messages can be faked which could alert persons/surveillance systems.
https://turbochaos.blogspot.com/2014/08/journalctl-terminal-escape-injection.html?view=classic
Personal collection of some infosec stuff. Primary purpose of this site is to collect and organize for myself.
Note: Some content is not publicly visible due to copyright issues. Therefore, some links could be broken.
python -c 'import pty;pty.spawn("/bin/bash")';
python3 -c 'import pty;pty.spawn("/bin/bash")';
Leave a Reply
You must be logged in to post a comment.